<html>
<head><meta charset="utf-8"><title>encrypt local files · general · Zulip Chat Archive</title></head>
<h2>Stream: <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/index.html">general</a></h2>
<h3>Topic: <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html">encrypt local files</a></h3>

<hr>

<base href="https://rust-lang.zulipchat.com">

<head><link href="https://rust-lang.github.io/zulip_archive/style.css" rel="stylesheet"></head>

<a name="185867225"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185867225" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185867225">(Jan 16 2020 at 22:10)</a>:</h4>
<p>Any crate for encrypting files with a password?</p>



<a name="185868553"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185868553" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185868553">(Jan 16 2020 at 22:26)</a>:</h4>
<p>potential solution <a href="https://docs.rs/openssl/0.10.26/openssl/aes/index.html" target="_blank" title="https://docs.rs/openssl/0.10.26/openssl/aes/index.html">https://docs.rs/openssl/0.10.26/openssl/aes/index.html</a></p>



<a name="185868784"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185868784" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185868784">(Jan 16 2020 at 22:29)</a>:</h4>
<p>another one<br>
<a href="https://docs.rs/themis/0.12.0/themis/secure_cell/index.html" target="_blank" title="https://docs.rs/themis/0.12.0/themis/secure_cell/index.html">https://docs.rs/themis/0.12.0/themis/secure_cell/index.html</a></p>



<a name="185869308"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185869308" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185869308">(Jan 16 2020 at 22:35)</a>:</h4>
<p>another one <a href="https://docs.rs/aes-ctr/0.3.0/aes_ctr/" target="_blank" title="https://docs.rs/aes-ctr/0.3.0/aes_ctr/">https://docs.rs/aes-ctr/0.3.0/aes_ctr/</a></p>



<a name="185992231"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185992231" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Elichai Turkel <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185992231">(Jan 18 2020 at 11:49)</a>:</h4>
<p>Please keep in mind that you must use authenticated encryption (ie aes-gcm / chacha20-poly1305)<br>
I'd either use ring or the aead crate</p>



<a name="185992926"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185992926" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185992926">(Jan 18 2020 at 12:10)</a>:</h4>
<p>just learnt what authenticated encryption is, thanks.<br>
makes sense, and i'm going to use.<br>
however, <a href="https://docs.rs/ring/0.16.9/ring/index.html" target="_blank" title="https://docs.rs/ring/0.16.9/ring/index.html">https://docs.rs/ring/0.16.9/ring/index.html</a> looks a bit too low-level.. or at least assumes more encryption knowledge than i have.. <br>
any example how to use it?</p>



<a name="185992987"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185992987" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185992987">(Jan 18 2020 at 12:12)</a>:</h4>
<p>found it? <a href="https://gist.github.com/jaysonsantos/117c1f7623a2fb2c39e47f6cf87860a3" target="_blank" title="https://gist.github.com/jaysonsantos/117c1f7623a2fb2c39e47f6cf87860a3">https://gist.github.com/jaysonsantos/117c1f7623a2fb2c39e47f6cf87860a3</a></p>



<a name="185996392"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185996392" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185996392">(Jan 18 2020 at 13:55)</a>:</h4>
<p>can't use Ring crate.. there is no example which could explain it to me <br>
<a href="https://github.com/briansmith/ring/issues/418" target="_blank" title="https://github.com/briansmith/ring/issues/418">https://github.com/briansmith/ring/issues/418</a><br>
and the one i found is outdated</p>



<a name="185996526"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185996526" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185996526">(Jan 18 2020 at 13:59)</a>:</h4>
<p>aead crate (<a href="https://github.com/RustCrypto/traits" target="_blank" title="https://github.com/RustCrypto/traits">https://github.com/RustCrypto/traits</a>) is also not what i needed, it's some sort of trait collection.. did i found what you're talking about?</p>



<a name="185996527"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185996527" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185996527">(Jan 18 2020 at 13:59)</a>:</h4>
<p><span class="user-mention" data-user-id="249222">@Elichai Turkel</span></p>



<a name="185996610"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185996610" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Elichai Turkel <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185996610">(Jan 18 2020 at 14:01)</a>:</h4>
<p>Yeah ring is somewhat messy.<br>
Look at the table here: <a href="https://github.com/RustCrypto/AEADs/blob/master/README.md" target="_blank" title="https://github.com/RustCrypto/AEADs/blob/master/README.md">https://github.com/RustCrypto/AEADs/blob/master/README.md</a><br>
My recommendation is if it's meant to run on x86 use aes-gcm if also phones/low resource devices then use chacha20-poly1305 (the first has hardware implementations while the latter is really fast in software)</p>



<a name="185996680"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185996680" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Elichai Turkel <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185996680">(Jan 18 2020 at 14:03)</a>:</h4>
<p>If you do want to use ring this is something I wrote a year or so ago which you can look at as example:</p>
<p><a href="https://github.com/elichai/Lorenz/blob/master/src/encryption.rs" target="_blank" title="https://github.com/elichai/Lorenz/blob/master/src/encryption.rs">https://github.com/elichai/Lorenz/blob/master/src/encryption.rs</a></p>



<a name="185997244"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185997244" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185997244">(Jan 18 2020 at 14:19)</a>:</h4>
<p>finally <a href="https://docs.rs/aes-gcm/0.3.0/aes_gcm/#usage" target="_blank" title="https://docs.rs/aes-gcm/0.3.0/aes_gcm/#usage">something</a> speaks my tongue<br>
i'm a bit concerned about</p>
<ol>
<li>the content of this <a href="https://github.com/RustCrypto/AEADs/tree/master/aes-gcm#security-warning" target="_blank" title="https://github.com/RustCrypto/AEADs/tree/master/aes-gcm#security-warning">https://github.com/RustCrypto/AEADs/tree/master/aes-gcm#security-warning</a></li>
<li>the count of contributors - only 4</li>
</ol>
<p>but since i'm working on a toy project, i can live with that..</p>
<p>anyway thanks <span class="user-mention" data-user-id="249222">@Elichai Turkel</span> it helps a lot</p>



<a name="185997305"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185997305" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Elichai Turkel <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185997305">(Jan 18 2020 at 14:21)</a>:</h4>
<p>Yep. That's why I proposed ring, I have more trust in ring than that.<br>
On the other hand it's harder to screw up chacha so that might be a better fit</p>



<a name="185997366"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185997366" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185997366">(Jan 18 2020 at 14:22)</a>:</h4>
<p>ok, then i'll give ring another chance since i've got a new input which is your Lorenz example</p>



<a name="185997472"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/185997472" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Elichai Turkel <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#185997472">(Jan 18 2020 at 14:26)</a>:</h4>
<p>Ping if you need any help :)</p>



<a name="186058561"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/186058561" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#186058561">(Jan 19 2020 at 22:05)</a>:</h4>
<p><span class="user-mention" data-user-id="249222">@Elichai Turkel</span> could you look at this code and tell if it's wrong?<br>
<a href="https://github.com/briansmith/ring/compare/master...xliiv:aead-example?expand=1" target="_blank" title="https://github.com/briansmith/ring/compare/master...xliiv:aead-example?expand=1">https://github.com/briansmith/ring/compare/master...xliiv:aead-example?expand=1</a></p>
<p>Plus, there are 2 questions, see code comments, do you have answers maybe?</p>



<a name="186058650"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/186058650" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#186058650">(Jan 19 2020 at 22:07)</a>:</h4>
<p>i know you decrypt a bit diffrently in Lorenz, but i couldn't apply your way.. because i was getting error when creating <code>OpeningKey</code></p>



<a name="186060022"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/186060022" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Elichai Turkel <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#186060022">(Jan 19 2020 at 22:34)</a>:</h4>
<ol>
<li>PBKDF2 salt should be random IIRC probably best to read the RFC</li>
</ol>



<a name="186062712"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/186062712" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Elichai Turkel <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#186062712">(Jan 19 2020 at 23:42)</a>:</h4>
<ol start="2">
<li>About rand_vec the nonce can be public and is usually prepended to the cipher text</li>
</ol>



<a name="186062787"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/186062787" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Elichai Turkel <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#186062787">(Jan 19 2020 at 23:45)</a>:</h4>
<ol start="3">
<li>About the last question <code>open_in_place</code> returns you the exact slice that contains the decrypted data, you can either use it or use it to retrieve the length and shorten your Vec</li>
</ol>



<a name="186130213"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/186130213" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#186130213">(Jan 20 2020 at 20:14)</a>:</h4>
<blockquote>
<p>About the last question open_in_place returns you the exact slice that contains the decrypted data, you can either use it or use it to retrieve the length and shorten your Vec</p>
</blockquote>
<p>works like a charm - thank you!</p>
<blockquote>
<p>probably best to read the RFC</p>
</blockquote>
<p>although, i'm not compatible with RFCs (are too generic i prefer code), this one somewhat helped - thanks again!</p>
<blockquote>
<p>prepended to the cipher text</p>
</blockquote>
<p>i'm going to use it (when i was experimenting with your way of decryption i failed. now i know why.. i only adopted your decryption and not encryption which is why the decryption failed)</p>



<a name="186132313"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/186132313" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> xliiv <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#186132313">(Jan 20 2020 at 20:53)</a>:</h4>
<blockquote>
<p>i'm going to use it (when i was experimenting with your way of decryption i failed. now i know why.. i only adopted your decryption and not encryption which is why the decryption failed)</p>
</blockquote>
<p>yep, confirmed.. i adopted Lorence's both encrypt AND decrypt and now it fucking works! \o/<br>
HUGE thanks <span class="user-mention" data-user-id="249222">@Elichai Turkel</span></p>



<a name="186132826"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/122651-general/topic/encrypt%20local%20files/near/186132826" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Elichai Turkel <a href="https://rust-lang.github.io/zulip_archive/stream/122651-general/topic/encrypt.20local.20files.html#186132826">(Jan 20 2020 at 21:01)</a>:</h4>
<p>You're welcome :)</p>



<hr><p>Last updated: Aug 07 2021 at 22:04 UTC</p>
</html>